Freecycle, a renowned online platform dedicated to the free exchange of pre-owned items, has reported a significant data breach impacting over 7 million of its users.
The breach came to light several weeks after malicious actors had already placed the compromised data up for sale on a notorious hacking forum on May 30. The organization, a nonprofit, became aware of the incident on Wednesday and promptly alerted its user base to change their passwords without delay.
Details compromised in the breach encompassed usernames, User IDs, email IDs, and passwords encrypted using the MD5 algorithm. Fortunately, no further user data was jeopardized, as confirmed by Freecycle. However, the screenshots displayed by the hackers seem to indicate that they also managed to procure the credentials of Deron Beal, the founder and executive director of Freecycle. This could potentially provide them with complete access to all user details and discussions within the forum.
In a statement visible on the Freecycle homepage, Beal expressed, “We realized a data compromise on Freecycle.org on August 30th. Consequently, we’re urging our entire user base to update their passwords immediately. We deeply regret this situation, and we’re actively working to rectify it. Stay tuned for further updates.”
For those utilizing identical login credentials across different online platforms, a change of password on those sites is strongly recommended to thwart any unauthorized accesses.
For Freecycle users wishing to reset their passwords, the process is twofold:
- Navigate to your user profile, head to settings, and proceed to the ‘Password Reset’ option.
- Opt for the password reset option via email.
It’s worth noting that due to the current high demand on Freecycle’s email servers, users might experience a delay, sometimes up to an hour, in the password reset process.
After identifying the breach, Freecycle dutifully informed the relevant regulatory bodies.
The organization further reminded users, “Given the current scenario, there’s a possibility of an uptick in spam emails. As a precaution, we suggest users be on the lookout for suspicious emails, avoid any embedded links, and refrain from downloading any attachments unless anticipated.”
Globally, Freecycle boasts of a strong community with close to 11 million users spanning over 5,300 towns.